Suid

From LQWiki

suid is short for 'set user-id on execution'. An executable with the s-bit set runs as if it had been started by the owner of the file, regardless of the user who actually runs it. The suid-bit is the fourth bit of the user bits of any file, which govern the protection and security of files in the filesystem.

The 'suid'-bit is one of the main 'features' of Unix/Linux that determine the operating system's security. All programs with the s-bit set are vulnerable to attacks by intruders, since most of the files with an s-bit set are owned by root and therefore run with all the permissions of root.

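The suid-bit may be set with the command

# chmod +s filename

And revoked with

# chmod -s filename

Given without a class letter, +s and -s act on the set-group-ID bit as well; u+s and u-s change only the suid-bit.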

A file with the suid-bit set is shown in a long file-listing with an 's' instead of the usual 'x' for executables.

-rwsr-xr-x    1 root     root        41084 Mar 14  2003 umount*

One of the regular security checks of any system administrator is checking all files that have an s-bit set. If any unusual file shows up, the system might have been hacked.
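
The regular check described above, as an added example that is not part of the original wiki page: list every setuid or setgid file under a directory and report the ones missing from a trusted baseline. The function names, the baseline file and the scratch-directory demo are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit s-bit files against a known-good baseline.

# list_sbit ROOT: print every regular file under ROOT that has the setuid
# (4000) or setgid (2000) bit set, one path per line, sorted.
# -xdev keeps find on the filesystem ROOT lives on.
list_sbit() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        LC_ALL=C sort
}

# new_sbit ROOT BASELINE: print s-bit files found now that are not listed in
# BASELINE (hypothetical file: the saved output of an earlier list_sbit run).
new_sbit() {
    scan=$(mktemp) || return 2
    list_sbit "$1" > "$scan"
    # comm -23 keeps lines that appear only in the current scan.
    LC_ALL=C comm -23 "$scan" "$2"
    rm -f "$scan"
}

# Constructed demo: a scratch directory stands in for the real filesystem.
demo() {
    d=$(mktemp -d) || return 2
    : > "$d/known"; : > "$d/added_later"; : > "$d/plain"
    chmod 4755 "$d/known"
    list_sbit "$d" > "$d.baseline"      # snapshot taken while trusted
    chmod 4755 "$d/added_later"         # s-bit set after the snapshot
    new_sbit "$d" "$d.baseline"         # reports only .../added_later
    rm -rf "$d" "$d.baseline"
}

demo
```

On a real system the baseline would be taken right after installation and stored where an intruder cannot rewrite it; any path new_sbit prints needs an explanation, such as a package update.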